az sentinel

Note

This reference is part of the sentinel extension for the Azure CLI (version 2.37.0 or higher). The extension will automatically install the first time you run an az sentinel command. Learn more about extensions.

Manage Microsoft Sentinel.

Commands

Name Description Type Status
az sentinel alert-rule

Manage alert rule with sentinel.

Extension GA
az sentinel alert-rule action

Manage alert rule action with sentinel.

Extension GA
az sentinel alert-rule action create

Create the action of alert rule.

Extension Experimental
az sentinel alert-rule action delete

Delete the action of alert rule.

Extension Experimental
az sentinel alert-rule action list

Get all actions of alert rule.

Extension Experimental
az sentinel alert-rule action show

Get the action of alert rule.

Extension Experimental
az sentinel alert-rule action update

Update the action of alert rule.

Extension Experimental
az sentinel alert-rule create

Create the alert rule.

Extension Experimental
az sentinel alert-rule delete

Delete the alert rule.

Extension Experimental
az sentinel alert-rule list

Get all alert rules.

Extension Experimental
az sentinel alert-rule show

Get the alert rule.

Extension Experimental
az sentinel alert-rule template

Manage alert rule template with sentinel.

Extension GA
az sentinel alert-rule template list

Get all alert rule templates.

Extension Experimental
az sentinel alert-rule template show

Get the alert rule template.

Extension Experimental
az sentinel alert-rule update

Update the alert rule.

Extension Experimental
az sentinel analytics-setting

Manage Security ML Analytics Settings with sentinel.

Extension GA
az sentinel analytics-setting create

Create the Security ML Analytics Settings.

Extension Experimental
az sentinel analytics-setting delete

Delete the Security ML Analytics Settings.

Extension Experimental
az sentinel analytics-setting list

Get all Security ML Analytics Settings.

Extension Experimental
az sentinel analytics-setting show

Get the Security ML Analytics Settings.

Extension Experimental
az sentinel analytics-setting update

Update the Security ML Analytics Settings.

Extension Experimental
az sentinel automation-rule

Manage automation rule with sentinel.

Extension GA
az sentinel automation-rule create

Create the automation rule.

Extension Experimental
az sentinel automation-rule delete

Delete the automation rule.

Extension Experimental
az sentinel automation-rule list

Get all automation rules.

Extension Experimental
az sentinel automation-rule show

Get the automation rule.

Extension Experimental
az sentinel automation-rule update

Update the automation rule.

Extension Experimental
az sentinel bookmark

Manage bookmark with sentinel.

Extension GA
az sentinel bookmark create

Create the bookmark.

Extension Experimental
az sentinel bookmark delete

Delete the bookmark.

Extension Experimental
az sentinel bookmark expand

Expand a bookmark.

Extension Experimental
az sentinel bookmark list

Get all bookmarks.

Extension Experimental
az sentinel bookmark relation

Manage bookmark relation with sentinel.

Extension GA
az sentinel bookmark relation create

Create the bookmark relation.

Extension Experimental
az sentinel bookmark relation delete

Delete the bookmark relation.

Extension Experimental
az sentinel bookmark relation list

Get all bookmark relations.

Extension Experimental
az sentinel bookmark relation show

Get a bookmark relation.

Extension Experimental
az sentinel bookmark relation update

Update the bookmark relation.

Extension Experimental
az sentinel bookmark show

Get a bookmark.

Extension Experimental
az sentinel bookmark update

Update the bookmark.

Extension Experimental
az sentinel data-connector

Manage data connector with sentinel.

Extension GA
az sentinel data-connector connect

Connect a data connector.

Extension Experimental
az sentinel data-connector create

Create the data connector.

Extension Experimental
az sentinel data-connector delete

Delete the data connector.

Extension Experimental
az sentinel data-connector disconnect

Disconnect a data connector.

Extension Experimental
az sentinel data-connector list

Get all data connectors.

Extension Experimental
az sentinel data-connector show

Get a data connector.

Extension Experimental
az sentinel data-connector update

Update the data connector.

Extension Experimental
az sentinel enrichment

Manage enrichment with sentinel.

Extension GA
az sentinel enrichment domain-whois

Manage domain whois with sentinel.

Extension GA
az sentinel enrichment domain-whois show

Get whois information for a single domain name.

Extension Experimental
az sentinel enrichment ip-geodata

Manage IP geodata with sentinel.

Extension GA
az sentinel enrichment ip-geodata show

Get geodata for a single IP address.

Extension Experimental
az sentinel entity-query

Manage entity query with sentinel.

Extension GA
az sentinel entity-query create

Create the entity query.

Extension Experimental
az sentinel entity-query delete

Delete the entity query.

Extension Experimental
az sentinel entity-query list

Get all entity queries.

Extension Experimental
az sentinel entity-query show

Get an entity query.

Extension Experimental
az sentinel entity-query template

Manage entity query template with sentinel.

Extension GA
az sentinel entity-query template list

Get all entity query templates.

Extension Experimental
az sentinel entity-query template show

Get an entity query.

Extension Experimental
az sentinel entity-query update

Update the entity query.

Extension Experimental
az sentinel incident

Manage incident with sentinel.

Extension GA
az sentinel incident comment

Manage incident comment with sentinel.

Extension GA
az sentinel incident comment create

Create the incident comment.

Extension Experimental
az sentinel incident comment delete

Delete the incident comment.

Extension Experimental
az sentinel incident comment list

Get all incident comments.

Extension Experimental
az sentinel incident comment show

Get an incident comment.

Extension Experimental
az sentinel incident comment update

Update the incident comment.

Extension Experimental
az sentinel incident create

Create the incident.

Extension Experimental
az sentinel incident create-team

Create a Microsoft team to investigate the incident by sharing information and insights between participants.

Extension Experimental
az sentinel incident delete

Delete the incident.

Extension Experimental
az sentinel incident list

Get all incidents.

Extension Experimental
az sentinel incident list-alert

Get all incident alerts.

Extension Experimental
az sentinel incident list-bookmark

Get all incident bookmarks.

Extension Experimental
az sentinel incident list-entity

Get all incident related entities.

Extension Experimental
az sentinel incident relation

Manage incident relation with sentinel.

Extension GA
az sentinel incident relation create

Create the incident relation.

Extension Experimental
az sentinel incident relation delete

Delete the incident relation.

Extension Experimental
az sentinel incident relation list

Get all incident relations.

Extension Experimental
az sentinel incident relation show

Get an incident relation.

Extension Experimental
az sentinel incident relation update

Update the incident relation.

Extension Experimental
az sentinel incident run-playbook

Trigger playbook on a specific incident.

Extension Experimental
az sentinel incident show

Get an incident.

Extension Experimental
az sentinel incident update

Update the incident.

Extension Experimental
az sentinel metadata

Manage metadata with sentinel.

Extension GA
az sentinel metadata create

Create a Metadata.

Extension Experimental
az sentinel metadata delete

Delete a Metadata.

Extension Experimental
az sentinel metadata list

List of all metadata.

Extension Experimental
az sentinel metadata show

Get a Metadata.

Extension Experimental
az sentinel metadata update

Update a Metadata.

Extension Experimental
az sentinel office-consent

Manage office consent with sentinel.

Extension GA
az sentinel office-consent delete

Delete the office365 consent.

Extension Experimental
az sentinel office-consent list

Get all office365 consents.

Extension Experimental
az sentinel office-consent show

Get an office365 consent.

Extension Experimental
az sentinel onboarding-state

Manage onboarding state with sentinel.

Extension GA
az sentinel onboarding-state create

Create Sentinel onboarding state.

Extension Experimental
az sentinel onboarding-state delete

Delete Sentinel onboarding state.

Extension Experimental
az sentinel onboarding-state list

Get all Sentinel onboarding states.

Extension Experimental
az sentinel onboarding-state show

Get Sentinel onboarding state.

Extension Experimental
az sentinel onboarding-state update

Update Sentinel onboarding state.

Extension Experimental
az sentinel setting

Manage setting with sentinel.

Extension GA
az sentinel setting create

Create setting.

Extension Experimental
az sentinel setting delete

Delete setting of the product.

Extension Experimental
az sentinel setting list

List of all the settings.

Extension Experimental
az sentinel setting show

Get a setting.

Extension Experimental
az sentinel setting update

Update setting.

Extension Experimental
az sentinel source-control

Manage source control with sentinel.

Extension GA
az sentinel source-control create

Create a source control.

Extension Experimental
az sentinel source-control delete

Delete a source control.

Extension Experimental
az sentinel source-control list

Get all source controls, without source control items.

Extension Experimental
az sentinel source-control list-repository

Get a list of repositories metadata.

Extension Experimental
az sentinel source-control show

Get a source control by its identifier.

Extension Experimental
az sentinel source-control update

Create a source control.

Extension Experimental
az sentinel threat-indicator

Manage threat intelligence indicator with sentinel.

Extension GA
az sentinel threat-indicator append-tag

Append tags to a threat intelligence indicator.

Extension Experimental
az sentinel threat-indicator create

Create a new threat intelligence indicator.

Extension Experimental
az sentinel threat-indicator delete

Delete a threat intelligence indicator.

Extension Experimental
az sentinel threat-indicator list

Get all threat intelligence indicators.

Extension Experimental
az sentinel threat-indicator metric

Manage threat intelligence indicator metric with sentinel.

Extension GA
az sentinel threat-indicator metric list

Get threat intelligence indicators metrics (Indicators counts by Type, Threat Type, Source).

Extension GA
az sentinel threat-indicator query

Query threat intelligence indicators as per filtering criteria.

Extension Experimental
az sentinel threat-indicator replace-tag

Replace tags added to a threat intelligence indicator.

Extension Experimental
az sentinel threat-indicator show

View a threat intelligence indicator by name.

Extension Experimental
az sentinel threat-indicator update

Update a threat intelligence indicator.

Extension Experimental
az sentinel watchlist

Manage watchlist with sentinel.

Extension GA
az sentinel watchlist create

Create a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content type). To create a Watchlist and its Items, call this endpoint with either rawContent or a valid SAS URI, together with the contentType property. rawContent is mainly used for small watchlists (content size below 3.8 MB). The SAS URI enables the creation of large watchlists, where the content size can go up to 500 MB. The status of processing such a large file can be polled through the URL returned in the Azure-AsyncOperation header.

Extension Experimental
az sentinel watchlist delete

Delete a watchlist.

Extension Experimental
az sentinel watchlist list

Get all watchlists, without watchlist items.

Extension Experimental
az sentinel watchlist show

Get a watchlist, without its watchlist items.

Extension Experimental
az sentinel watchlist update

Update a Watchlist and its Watchlist Items (bulk creation, e.g. through text/csv content type). To create a Watchlist and its Items, call this endpoint with either rawContent or a valid SAS URI, together with the contentType property. rawContent is mainly used for small watchlists (content size below 3.8 MB). The SAS URI enables the creation of large watchlists, where the content size can go up to 500 MB. The status of processing such a large file can be polled through the URL returned in the Azure-AsyncOperation header.

Extension Experimental